The section "Suspicious versioning" consists entirely of the following piece of advice: "Detect suspicious versioning patterns."
I think it's fair to say that "solving supply chain attacks" is going to require more than just reading this article, although I appreciate the effort to raise awareness.
